Modern mobile and stationary devices apply security measures for various purposes. These security measures can include encrypting or decrypting information. A module (otherwise known as a cryptographic module) can execute these security measures. A cryptographic module can include hardware, software, firmware, or a combination thereof. The cryptographic module is expected to encrypt (or decrypt) information using one or more encryption keys. Typically, a sequence of input signals (an input vector) is encrypted by a cryptographic key to provide an encrypted output (an output vector).
A cryptographic module is usually subjected to various types of attacks. These attacks are aimed to detect how the cryptographic module works and especially to determine the value of an encryption key that is utilized by the cryptographic module.
In September 1996, Boneh, Demillo, and Lipton from Bellcore announced a new type of cryptanalytic attack that exploits computational errors to find cryptographic keys. Their attack is applicable to public key cryptosystems. Later, E. Biham & A. Shamir extended this attack to various secret key cryptosystems such as DES, and AES.
Hardware faults can increase a cipher's vulnerability to cryptanalysis. The ways to exploit a cryptographic module faulty result differ from one cipher to another.
The attack usually includes fault injection and fault exploitation. Fault injection is a process where the attacker intentionally injects a fault at the appropriate time of the cryptographic module operation. Faults can be induced by various manners, including but not limited to subjecting the device to abnormal conditions (high temperature, very low temperatures, supplying a supply voltage level that does not correspond to the frequency of clock signal that is provided to the device, and the like).
Having the ability to introduce computational faults in cryptographic modules is an effective attacking method against cryptographic hardware devices.
Fault analysis attack or differential fault analysis (DFA) attack, uses faulty output of the crypto-engine to extract the secret key it uses to encrypt/decrypt data. Fault analysis attack can involve changing the frequency of a clock signal that is provided to the cryptographic module as well as changing the level of supply voltage that is supplied to the cryptographic module so as to cause the cryptographic module to malfunction.
Fault analysis attack is a “side channel attack.” Accordingly, the attack does not obtain the secret key in a direct way but computes the key out of other data it gets. Accordingly, an erasure of the stored key (e.g. stored in the cryptographic module) will not necessarily protect the key as the output already contains key related information.
In order to protect the key, the cryptographic module needs to halt immediately and should not provide any output once an attack attempt is discovered. This can be followed by a key erasure; however, this key erasure is not related to the DFA attack but is done as an action to attempt to attack the system.